Author
Topic: firewall/port forwarding issue (??) (Read 6872 times)

I have some 3 Dreamboxes (satelite receivers) in my house, since Linuxmce installation behind the core... They need to be accessible from the internet (don't ask me why, it's a "funny" reason)

Before that, to get to these boxes, i just set port forwarding on my dsl modem/router like following:port 5901 in -- port 5900 and ip 192.168.0.5 outport 5902 in -- port 5900 and ip 192.168.0.6 outport 5903 in -- port 5900 and ip 192.168.0.7 outThat worked without any problems, like said, till LMCE install.

First, i tried to access only the core. So i setup just like: port 5900 in - port 5900 and 192.168.0.31 out (that is my static core ip). No problem!**

BUT, if i try to set the port forwarding up on the dsl modem/reouter and the core, like follows, it does not work...

the "core_input" rules simply instruct your linuxmce box to ACCEPT traffic on those ports. By default those ports are closed. Unless you have your firewall disabled already, in that case I don't have any suggestions other than researching how to use iptables on the command line to implement your forwarding rules.

When your defining a "core_input" rule the only field your going to use is the first one for choosing "protocol" and the two boxes for "source port"... the "source port" fields are your range, so in the first box you'd put 5901 and the second box you'd put 5903, and from your rules you need udp, so you choose udp until "protocol" then click "Add"... thats it.

See, how port 25 is specified TWICE, once in "core_input" and once using "port_forward"...

for each port you want to forward, would need to look like my example...

another easy but less secure solution would be to totally disable your firewall, then it would accept traffic on ALL ports. I would highly advise AGAINST that action. I only mention it to help you understand the nature of all this.

From what I can see the firewall rules seem to be correct. The only thing "unusual" I see is eth1, so I'm guessing you have the interfaces "swapped", that shouldn't make any difference though. Unless they aren't supposed to be, which happened to me once when I mistook the "swap interfaces" button for the "update" button on the network settings screen.